List: full-disclosure
Subject: [FD] Web Application Firewall bypass via F5 Big-IP partial URI decoding
From: RedTimmy Security <redazione () segfault ! it>
Date: 2020-04-20 11:53:56
Message-ID: 808947347.320485.1587383636861 () webmail ! register ! it
Hi
we have published a new post in our blog titled "How to hack a company by circumventing its WAF for fun and profit – part 2".
We basically show how the absence of URI decoding or partial URI decoding can both be abused to circumvent custom iRules.
Full story is here: https://www.redtimmy.com/web-application-hacking/how-to-hack-a-company-by-circumventing-its-waf-for-fun-and-profit-part-2/
regards
RedTimmy Security
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/